40

When I ping my server, it responds:

user@localhost:~$ ping my.server
PING my.server (111.111.111.11) 56(84) bytes of data.
64 bytes from my.server (111.111.111.11): icmp_req=1 ttl=42 time=38.4 ms
64 bytes from my.server (111.111.111.11): icmp_req=2 ttl=42 time=50.0 ms
64 bytes from my.server (111.111.111.11): icmp_req=3 ttl=42 time=58.6 ms
^C
--- my.server ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 38.419/49.037/58.637/8.287 ms

but when I try to ssh (something that I always do, and have been doing for the past few hours on the same connection), it hangs:

user@localhost:~$ ssh my.server

http://speedtest.net says that my connection has 1.5 Mbps download and 0.4 Mbps upload speed.

Is there a reason that ssh hangs?

Results from suggestions provided in answers

from @nsfyn55

user@localhost:~$ telnetmy.server 22 
Trying 111.111.111.11...
Connected to my.server
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
Connection closed by foreign host.

from @vahid:

user@localhost:~$ nc -v -w 1 111.111.111.111 -z 22
nc: timeout cannot be negative
Mateusz Piotrowski
  • 8,029
  • 10
  • 53
  • 79
Abe
  • 12,956
  • 12
  • 51
  • 72
  • 5
    try `ssh -v` to see at which point it stops. – Michael Krelin - hacker Oct 03 '12 at 19:13
  • ping shows that there is something listening/answering at this address. ssh is a protocol for connecting to this machine, which requires ssh daemon to be up and running and a port (usually port 22) to be open. – Bruno von Paris Oct 03 '12 at 19:18
  • @MichaelKrelin-hacker it stops at `debug1: auto-mux: Trying existing master` – Abe Oct 03 '12 at 19:35
  • hmm thats quite a varied message tried googling it - lots comes back in regards to sequel-pro/ssh http://code.google.com/p/sequel-pro/issues/detail?id=1095 - but then i wonder if you need to wait longer and see if anything else is returned I would also check the serverfault link out - you may need to set up a controller for persistent connections to this host- http://serverfault.com/questions/408416/openssh-disable-controlmaster-for-given-hostname – V H Oct 03 '12 at 22:08
  • but i would try both methods outlined in the above post i.e. ControlMaster no as well as defining the other config one at a time restarting sshd (should be no need but for assurance) then to retry ssh -vakx hostname and give it time – V H Oct 03 '12 at 22:13
  • https://unix.stackexchange.com/questions/105800/not-able-to-ssh-to-another-computer-but-can-ping-it – Ciro Santilli OurBigBook.com Nov 21 '17 at 18:28

3 Answers3

28

ping (ICMP protocol) and ssh are two different protocols.

  1. It could be that ssh service is not running or not installed

  2. firewall restriction (local to server like iptables or even sshd config lock down ) or (external firewall that protects incomming traffic to network hosting 111.111.111.111)

First check is to see if ssh port is up 

nc -v -w 1 111.111.111.111 -z 22

if it succeeds then ssh should communicate if not then it will never work until restriction is lifted or ssh is started

Birkhoff Lee
  • 788
  • 10
  • 21
V H
  • 8,382
  • 2
  • 28
  • 48
  • I get "nc: timeout cannot be negative" – Abe Oct 03 '12 at 20:14
  • nc -v -w 1 localhost -z 22 Connection to localhost 22 port [tcp/ssh] succeeded! you should see succeeded try removing the -w 1 so nc -v 1111.111.111.111 -z 22 - you need to succeed to be able to ssh - but reading below you can telnet to port 22 which makes it sound like you have some sshd config barring u from connecting either on the /etc/hosts.allow deny files defined as sshd: ip but more than likely /etc/ssh/sshd_config AllowUsers user@ip1 user@iprange2.* risky ---------- catch 22 being you need to be on remote server to check all this out – V H Oct 03 '12 at 21:40
  • try ssh -vakx 111.111.111.111 and show us output or google error - it maybe passwordless and awaiting key or something – V H Oct 03 '12 at 21:43
  • 4
    @Abe, maybe you misread the given command—there's a `1` after the `-w` and before the IP address. – Will Apr 18 '14 at 04:50
6

Find out two pieces of information

  • Whats the hostname or IP of the target ssh server
  • What port is the ssh daemon listening on (default is port 22)

$> telnet <hostname or ip> <port>

Assuming the daemon is up and running and listening on that port it should etablish a telnet session. Likely causes:

  • The ssh daemon is not running
  • The host is blocking the target port with its software firewall
  • Some intermediate network device is blocking or filtering the target port
  • The ssh daemon is listening on a non standard port
  • A TCP wrapper is configured and is filtering out your source host
Marco A.
  • 43,032
  • 26
  • 132
  • 246
nsfyn55
  • 14,875
  • 8
  • 50
  • 77
  • I get `user@localhost:~$ telnetmy.server 22
    Trying 111.111.111.11...
    Connected to my.server.
    Escape character is '^]'.
    SSH-2.0-OpenSSH_4.3<\br>Connection closed by foreign host. ` (where `
    ` = newline)     – Abe Oct 03 '12 at 20:16
  • sounds like the port is open. Now try ssh -v @ – nsfyn55 Oct 03 '12 at 20:18
-4

On the server, try:

netstat -an

and look to see if tcp port 22 is opened (use findstr in Windows or grep in Unix).

Littm
  • 4,923
  • 4
  • 30
  • 38
Dianne Dunlap
  • 33
  • 1